Re: MD5 vs. SHA1 hashed passwords in /etc/master.passwd: can we configure SHA1 in /etc/login.conf?



At 04:45 PM 1/3/2009, O. Hartmann wrote:

followed by a obligatory "cap_mkdb" seems to do something - changing
root's password results in different hashes when selecting different
hash algorithms like des, md5, sha1, blf or even sha256.

Well, I never digged deep enough into the source code to reveal the
magic and truth, so I will ask here for some help. Is it possible to
change the md5-algorithm by default towards sha1 as recommended after
the md5-collisions has been published?

Are you sure sha1 is supported ? It looks like if you put in something not understood in the login.conf file, it defaults to what appears to be DES.

---Mike

Thanks in advance,
Oliver
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"



Relevant Pages